According to reports, police in 20 countries arrested 70 people in mid-July, saying they were part of a group that traded in all sorts of nifty stuff (if you are a hacker) like hacking tools, zero-day exploits, stolen credit cards, and spamming and botnet services. Assuming that there are 800 groups like this and no new ones are formed, at this rate we will clean things up in around 1,600 years.
And that is the problem. Unlike old-fashioned bank robberies where you have to go to the bank, these groups can operate from anywhere in the world.
Many of them are in unfriendly countries and use service providers (the so-called bullet-proof hosters) that flip the bird to the FBI.
Now, less than two weeks later, this group that the FBI and other law enforcement agencies created so much press over is operational again. Just like the Mafia, unless you arrest every single member – and no new members come in to fill the void – it is very hard to stop. The hackers are improving security by using Tor. On Tor, each user will be given his or her own IP address. Authentication will be through Blockchain. And, I am sure, there will be a host of other improvements. Unfortunately, like the mythical Hydra, you cut off one head and another one grows back.
I am not belittling what the FBI and other law enforcement agencies are doing, but unfortunately, it is like going elephant hunting with a fly swatter. They are outgunned. The crooks are operating worldwide in countries not friendly to us and using service providers that do not care about U.S. warrants.
While law enforcement activities like this keep the heat on these groups and certainly will take out the careless and unsophisticated, we cannot, and should not, expect the police to be able to win this battle by themselves. Businesses that write software and use software (that pretty much covers everyone, right?) need to step up their game.
Software developers need to improve the security of the software that they write. This means INTERNAL CORPORATE software developers too, because that is actually the vast majority of the software out there. That takes time, training, tools and money.
Software users (that would be you and me) need to step up our game on security consciousness. That includes simple stuff like not using passwords like 123456 and more complicated things like not using some service that exposes information just because it makes our job a little bit easier.
Unfortunately, there is no easy answer, but unless we make it a little more difficult for the bad guys, we may be their next victim.
The FBI press release on the operation can be found here.
An article from Wired on the takedown from mid-July can be found here.
An article from Krebs on bullet-proof hosting can be found here.
Finally, an article on the rebirth of Darkode can be found here.